Sunday, March 30, 2014
Sunday, March 16, 2014
Linux Containers - Building Blocks, Underpinnings and Motivations
I firmly believe Linux Containers (LXC) are poised to be the next Virtual Machine in our modern computing era. Consider:
More details on how containers are realized and some of their benefits can be found in my slide share presentation embedded below.
I will be speaking about Linux Containers at the 2014 cloudexpo east conference in NYC -- I hope you can join me to talk LXC. Please contact me for free access to the conference.
- Linux Containers run at near bare metal speeds.
- LXC operations (start, stop, spawn) execute very quickly (seconds or milliseconds).
- Containers provide nearly the same agility as traditional VMs.
- They can be deployed with very little per container (VM) penalty.
- Linux Containers are lightweight -- they can virtualize a system (Operating System) or one or more applications.
- LXC can be realized with features provided by a modern Linux kernel.
More details on how containers are realized and some of their benefits can be found in my slide share presentation embedded below.
I will be speaking about Linux Containers at the 2014 cloudexpo east conference in NYC -- I hope you can join me to talk LXC. Please contact me for free access to the conference.
OpenStack nova VM migration (live and cold) call flow
OpenStack nova compute supports two flavors of Virtual Machine (VM) migration:
Understanding these VM migration operations from an OpenStack internals perspective can be a daunting task. I had the pleasure of digging into these flows in the latter part of 2013 and as part of that effort created a rough outline of the internal flows. Other's I've worked with found these flow outlines useful and thus they're provided below.
- Cold migration -- migration of a VM which requires the VM to be powered off during the migrate operation during which time the VM is inaccessible.
- Hot or live migration -- zero down-time migration whereupon the VM is not powered off during the migration and thus remains accessible.
Understanding these VM migration operations from an OpenStack internals perspective can be a daunting task. I had the pleasure of digging into these flows in the latter part of 2013 and as part of that effort created a rough outline of the internal flows. Other's I've worked with found these flow outlines useful and thus they're provided below.
OpenStack nova boot server call diagram
The OpenStack architecture consists of multiple distributed services which often work together to carry out a single logical operation. Given the nature of this architecture, getting up to speed on the call flows and interactions can be a daunting task for developers and operational admins alike.
Not so long ago, I had to pleasure of digging into one of the more common flows in OpenStack nova compute -- the nova 'boot server' operation. As we all know the boot server operation provisions a new nova compute Virtual Machine (VM) on an underlying hypervisor such as KVM, ESXi, etc.. As part of the boot server operation, a number of OpenStack components are involved including:
Not so long ago, I had to pleasure of digging into one of the more common flows in OpenStack nova compute -- the nova 'boot server' operation. As we all know the boot server operation provisions a new nova compute Virtual Machine (VM) on an underlying hypervisor such as KVM, ESXi, etc.. As part of the boot server operation, a number of OpenStack components are involved including:
Thursday, March 13, 2014
OpenStack Keystone Workflow & Token Scoping
While recently browsing the OpenStack documentation updates for the Folsom release, I came across a new (new to me anyway) Keystone diagram which provides a well deserved depiction of a typical end-user workflow using Keystone as an identity service provider. This diagram not only provides greater incite to this typical workflow, but it also illustrates the notion of scoped vs unscoped tokens. I've pasted the diagram below for convenience, but the original document can be found on the OpenStack documentation site.
Although this diagram paints a nice picture of a typical workflow, it leaves a bit to the imagination in terms of which APIs are used for each step. Moreover some of the steps are a bit misleading depending on which token type scheme you are using with Keystone.
This post aims to further solidify the steps in the workflow diagram above.